search

typesense / typesense-docsearch.js

A fork of Algolia's awesome DocSearch.js, customized to use data from Typesense.
MIT License
29 stars 11 forks source link

Lockfile has incorrect entry for "typesense-docsearch-css@^0.4.0" #12

Closed Zamiell closed 10 months ago

Zamiell commented 1 year ago

Description

Steps to reproduce

npm init --yes
yarn add typesense-docsearch-react

This gives the following warning:

Lockfile has incorrect entry for "typesense-docsearch-css@^0.4.0". Ignoring it.

Expected behavior

The library should give no warnings when installing it.

javierbrea commented 1 year ago

When using PNPM, the problem is more serious, because it does not only produce a warning, but an installation error:

ERR_PNPM_UNEXPECTED_PKG_CONTENT_IN_STORE  Package name mismatch found while reading {"integrity":"sha512-hVTJC1Rg2BnNB4kl2Qi4GcgjFmPZY8YGu0aJ5V6iM6vK62yvtE7jObnAc1maYOp33NWFVLPgl/9PlBfWBlN0Dw==","registry":"https://registry.npmjs.org/","tarball":"https://registry.npmjs.org/typesense-docsearch-css/-/typesense-docsearch-css-0.4.0.tgz"} from the store. This means that the lockfile is broken. Expected package: typesense-docsearch-css@0.4.0. Actual package in the store by the given integrity: typesense-docsearch-css@0.3.0.

It happens in CI when caching the PNPM store. The first time it install the dependencies correctly, but next times installation fails.

I have tried removing the PNPM store, the node_modules folder and the pnpm-lock.yaml file and then reinstalling in order to regenerate the lock-file, and didn't work. I also tried with pnpm install --fix-lockfile, and nothing, same result. The only workaround that I have found is to not caching the PNPM store, which is not desirable at all.

The same happens when installing in a Docker image using pnpm fetch. The first time works, next times fails with the provided error. In this case, I have to remove the whole store by using rm -rf $(pnpm store path) before installing, which, again, is not desirable.

Gijsdeman commented 11 months ago

Any updates on this? This warning causes the build of my Docker container to fail. I have to manually change the yarn.lock file to prevent this from happening, which is of course not desirable.

jasonbosco commented 11 months ago

I just tried this and it seems to work for me:

➜  /tmp mkdir t

➜  /tmp cd t

➜  t npm init --yes
Wrote to /private/tmp/t/package.json:

{
  "name": "t",
  "version": "1.0.0",
  "description": "",
  "main": "index.js",
  "scripts": {
    "test": "echo \"Error: no test specified\" && exit 1"
  },
  "keywords": [],
  "author": "",
  "license": "ISC"
}

➜  t yarn add typesense-docsearch-react
yarn add v1.22.19
info No lockfile found.
[1/4] 🔍  Resolving packages...
[2/4] 🚚  Fetching packages...
[3/4] 🔗  Linking dependencies...
warning "typesense-docsearch-react > typesense-instantsearch-adapter@2.7.1" has unmet peer dependency "@babel/runtime@^7.17.2".
warning "typesense-docsearch-react > typesense@1.7.1" has unmet peer dependency "@babel/runtime@^7.17.2".
warning "typesense-docsearch-react > @algolia/autocomplete-preset-algolia@1.8.2" has unmet peer dependency "@algolia/client-search@>= 4.9.1 < 6".
warning "typesense-docsearch-react > @algolia/autocomplete-preset-algolia@1.8.2" has unmet peer dependency "algoliasearch@>= 4.9.1 < 6".
[4/4] 🔨  Building fresh packages...
success Saved lockfile.
success Saved 9 new dependencies.
info Direct dependencies
└─ typesense-docsearch-react@3.4.0
info All dependencies
├─ @algolia/autocomplete-core@1.8.2
├─ @algolia/autocomplete-preset-algolia@1.8.2
├─ axios@0.26.1
├─ follow-redirects@1.15.3
├─ loglevel@1.8.1
├─ typesense-docsearch-css@0.3.0
├─ typesense-docsearch-react@3.4.0
├─ typesense-instantsearch-adapter@2.7.1
└─ typesense@1.7.1
✨  Done in 2.67s.

➜  t yarn install
yarn install v1.22.19
[1/4] 🔍  Resolving packages...
warning Lockfile has incorrect entry for "typesense-docsearch-css@^0.4.0". Ignoring it.
[2/4] 🚚  Fetching packages...
[3/4] 🔗  Linking dependencies...
warning "typesense-docsearch-react > @algolia/autocomplete-preset-algolia@1.8.2" has unmet peer dependency "@algolia/client-search@>= 4.9.1 < 6".
warning "typesense-docsearch-react > @algolia/autocomplete-preset-algolia@1.8.2" has unmet peer dependency "algoliasearch@>= 4.9.1 < 6".
warning "typesense-docsearch-react > typesense@1.7.1" has unmet peer dependency "@babel/runtime@^7.17.2".
warning "typesense-docsearch-react > typesense-instantsearch-adapter@2.7.1" has unmet peer dependency "@babel/runtime@^7.17.2".
[4/4] 🔨  Building fresh packages...
success Saved lockfile.
✨  Done in 0.17s.

➜  t node --version
v16.20.2

May I know what version of yarn you're using?

javierbrea commented 11 months ago

Hi @jasonbosco , I'm using Pnpm, not Yarn.

jasonbosco commented 11 months ago

Hmmm, then I'm not sure where the issue is... because when I run yarn install it doesn't update the yarn.lock for eg. So I'd assume the yarn.lock file is up to date with what's in package.json, at least according to yarn?

I haven't used pnpm before, but if you have any ideas on how to address this issue with pnpm, happy to entertain a PR.

javierbrea commented 10 months ago

Hi again @jasonbosco , I have created a repository for reproducing the issue: https://github.com/javierbrea/typesense-docsearch-css-issue. The repository contains:

Versions

Expected behavior

The installation of the NPM dependencies should succeed every time the workflow is run.

Actual behavior

The first time the workflow is run, the installation of the dependencies succeeds. The second time the workflow is run, the installation of the typesense-docsearch-css package fails with the following error:

ERR_PNPM_UNEXPECTED_PKG_CONTENT_IN_STORE  Package name mismatch found while reading {"integrity":"sha512-hVTJC1Rg2BnNB4kl2Qi4GcgjFmPZY8YGu0aJ5V6iM6vK62yvtE7jObnAc1maYOp33NWFVLPgl/9PlBfWBlN0Dw==","registry":"https://registry.npmjs.org/","tarball":"https://registry.npmjs.org/typesense-docsearch-css/-/typesense-docsearch-css-0.4.0.tgz"} from the store. This means that the lockfile is broken. Expected package: typesense-docsearch-css@0.4.0. Actual package in the store by the given integrity: typesense-docsearch-css@0.3.0.
Error: Process completed with exit code 1.

How to reproduce the issue

  1. Fork the example repository
  2. Push to any branch to run the workflow
  3. Run the workflow again
javierbrea commented 10 months ago

I think that the problem may be related to versions 0.3.0 and 0.4.0 having the same integrity checksum. In fact, the code of the 0.4.0 version seems to be exactly the same than the 0.3.0 version, including the version defined in the package.json file. I have checked it in the package's NPM page.

So, maybe there was a problem in the release process, and the 0.4.0 version was published with the 0.3.0 code. Maybe this could be fixed by publishing a new 0.4.1 version, and marking the 0.4.0 one as deprecated. Ideally, new versions of typesense-docsearch-react and docusaurus-theme-search-typesense should be also published to upgrade the dependency, allowing users experiencing the issue to simply upgrade the docusaurus-theme-search-typesense version in their package.json file. But, I suppose that publishing only a new typesense-docsearch-css version would be enough to provide a possible workaround, because it would allow users to pin the dependency by modifying the lock file or running pnpm update.

image

If I can help somehow by opening a PR or whatever, please let me know.

jasonbosco commented 10 months ago

Thank you for looking into this @javierbrea.

I just published typesense-docsearch-css@0.4.1. Could you give it a shot and let me know if that fixes the issue? If it does, I can then publish new versions of the upstream dependencies as well.

javierbrea commented 10 months ago

Hi @jasonbosco , I have upgraded the dependency in the repository I created for testing this, and now it works properly: https://github.com/javierbrea/typesense-docsearch-css-issue/actions/runs/6703933560. The workflow has been executed successfully three times with the Pnpm cache enabled.

It would be great if you also publish new versions of the upstream dependencies 😃

Thank you very much.

jasonbosco commented 10 months ago

@javierbrea Thank you for confirming.

I've published new patch versions of typesense-docsearch-css, typesense-docsearch.js, typesense-docsearch-react and docusaurus-theme-search-typesense.

Could you confirm if these work too?

javierbrea commented 10 months ago

@jasonbosco , I have tested all new versions in different branches in my repository, and all of them work properly. I guess that the issue can be closed. Thank you again!

jasonbosco commented 10 months ago

Great, thank you again for helping track this issue down!